What is the severity of CVE-2021-36296?

CVE-2021-36296 is considered a critical vulnerability due to its potential for authenticated remote code execution.

How do I fix CVE-2021-36296?

To fix CVE-2021-36296, users should upgrade to a version of Dell VNX2 OE for File later than 8.1.21.266.

Who is affected by CVE-2021-36296?

CVE-2021-36296 affects users of Dell VNX2 OE for File versions 8.1.21.266 and earlier.

What are the consequences of exploiting CVE-2021-36296?

Exploiting CVE-2021-36296 allows a remote malicious user to execute commands on the system with privileges.

Is Dell VNX2 OE for File still vulnerable after the update?

No, updating to a version later than 8.1.21.266 will mitigate the vulnerability identified in CVE-2021-36296.

Vulnerability/
CVE-2021-36296

critical

CWE

25/1/2022

16/9/2024

CVE-2021-36296: OS Command Injection

First published: Tue Jan 25 2022(Updated: )

Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code execution vulnerability. A remote malicious user with privileges may exploit this vulnerability to execute commands on the system.

Credit: security_alert@emc.com

Affected Software	Affected Version	How to fix
Dell EMC Unity XT Operating Environment	<=8.1.21.266
Dell VNX VG10
Dell VNX VG50
EMC VNX5200
Dell EMC VNX5400
EMC VNX5600
EMC VNX5800
Dell VNX7600
Dell VNX8000

Never miss a vulnerability like this again

Reference Links

https://www.dell.com/support/kbdoc/en-us/000191155/dsa-2021-164-dell-vnx2-control-station-security-update-for-multiple-vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2021-36296?
CVE-2021-36296 is considered a critical vulnerability due to its potential for authenticated remote code execution.
How do I fix CVE-2021-36296?
To fix CVE-2021-36296, users should upgrade to a version of Dell VNX2 OE for File later than 8.1.21.266.
Who is affected by CVE-2021-36296?
CVE-2021-36296 affects users of Dell VNX2 OE for File versions 8.1.21.266 and earlier.
What are the consequences of exploiting CVE-2021-36296?
Exploiting CVE-2021-36296 allows a remote malicious user to execute commands on the system with privileges.
Is Dell VNX2 OE for File still vulnerable after the update?
No, updating to a version later than 8.1.21.266 will mitigate the vulnerability identified in CVE-2021-36296.

agent/type
agent/softwarecombine
agent/weakness
agent/author
agent/severity
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/dell
canonical/dell emc unity xt operating environment
version/dell emc unity xt operating environment/8.1.21.266
canonical/dell vnx vg10
canonical/dell vnx vg50
canonical/emc vnx5200
canonical/dell emc vnx5400
canonical/emc vnx5600
canonical/emc vnx5800
canonical/dell vnx7600
canonical/dell vnx8000

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.